Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XD4Zwzb-Uir6DEZdrMI3aLEPQ88.roa
File: XD4Zwzb-Uir6DEZdrMI3aLEPQ88.roa (raw, json)
Hash identifier: lyz4tlVjRB7Cre5ftj0t5NNzpMeMXNARNqHeI/4fQIA=
Subject key identifier: 5C:3E:19:C3:36:FE:52:2A:FA:0C:46:5D:AC:C2:37:68:B1:0F:43:CF
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 129316BF
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XD4Zwzb-Uir6DEZdrMI3aLEPQ88.roa
Signing time: Sat 01 Jan 2022 10:05:53 +0000
ROA not before: Sat 01 Jan 2022 10:05:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208593
IP address blocks: 5.202.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 311629503 (0x129316bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 10:05:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c3e19c336fe522afa0c465dacc23768b10f43cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:26:6c:4f:da:ff:5b:0d:55:bf:a6:8a:66:ed:
57:e7:08:3a:76:e7:ab:1f:3d:40:e6:99:fa:a1:2e:
77:a7:7d:6c:34:4a:e4:5b:6a:1a:82:c9:46:f6:f4:
0f:56:9f:5e:46:c9:3b:b0:24:c7:c1:35:a5:c5:b9:
fb:c3:75:2e:46:4e:da:94:46:9a:d0:9d:bb:aa:d8:
49:c1:9d:5b:f8:75:aa:72:d1:37:d6:43:ce:5a:74:
41:40:d2:ff:b4:80:a3:48:0f:50:4c:9f:b8:5e:29:
57:dc:6c:48:eb:4f:37:99:f9:be:67:4b:26:1a:ef:
c5:8b:cf:11:19:69:3a:b4:8c:4a:28:63:af:72:c4:
31:3f:5b:d9:23:ff:7f:69:a3:75:1a:87:a8:f4:69:
4b:30:f0:96:c6:34:7b:8c:12:87:96:6b:dc:4c:84:
80:ad:9a:81:98:8b:3a:23:fe:1a:e6:ad:0c:20:e0:
50:80:32:ca:f0:ea:c4:c8:12:d2:f4:01:78:82:80:
23:a0:18:f6:63:0e:39:36:60:0d:98:2d:56:04:29:
c9:4a:a2:b8:93:1e:64:19:9d:41:b2:e2:59:b0:90:
d9:32:7e:4c:14:7e:64:62:c7:b9:c1:5f:bd:57:8a:
f3:63:20:71:5f:c6:35:cf:70:b6:ee:0a:7a:45:fa:
03:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3E:19:C3:36:FE:52:2A:FA:0C:46:5D:AC:C2:37:68:B1:0F:43:CF
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XD4Zwzb-Uir6DEZdrMI3aLEPQ88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.187.0/24
Signature Algorithm: sha256WithRSAEncryption
65:86:77:31:dd:79:96:79:5c:e8:c5:53:48:14:4d:24:7e:8a:
4d:4a:a1:d9:d0:da:12:b6:09:08:82:35:2b:57:c6:fe:e2:f1:
45:78:f7:12:2e:bb:9a:81:df:08:22:25:df:f4:81:d1:b5:1f:
f6:3b:87:ab:f9:c2:68:55:37:3c:ed:d8:54:70:02:6d:24:b0:
58:75:b7:af:65:f2:44:58:84:bb:e1:f3:86:3d:a3:8d:b3:93:
5f:fb:9b:70:19:dc:f7:24:2a:89:f5:38:f7:db:34:e5:06:e6:
1e:05:24:2c:ba:fa:d7:3e:24:0d:f4:0a:f6:d0:30:b1:37:a2:
d6:83:0d:1d:59:44:1c:fb:77:96:ae:6a:ab:25:2c:61:71:7b:
36:07:99:a2:0e:29:a5:ae:c0:1c:d3:1b:e6:ac:1f:30:de:07:
47:5b:92:2f:fd:09:0d:25:e4:82:d5:86:07:a5:bc:8e:f7:9e:
09:52:d8:5f:90:da:3b:b9:a9:9a:b4:35:fa:30:03:ef:25:a8:
9d:5c:4b:90:fc:64:36:0e:0f:bb:f8:e6:14:04:a0:b7:b6:f1:
ee:53:39:d5:cf:4a:68:1f:aa:66:95:20:03:75:59:d8:aa:3e:
ca:08:6f:5b:7b:13:50:48:1c:86:30:74:2f:1d:5d:f7:61:06:
8f:aa:4f:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEpMWvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTFlNjkzNjhhYmQzNDUzOGZlNzdkZGFhYmNkYzgzNWFmNTk1ZWJhMB4XDTIyMDEw
MTEwMDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMzZTE5YzMzNmZl
NTIyYWZhMGM0NjVkYWNjMjM3NjhiMTBmNDNjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYmbE/a/1sNVb+mimbtV+cIOnbnqx89QOaZ+qEud6d9bDRK
5FtqGoLJRvb0D1afXkbJO7Akx8E1pcW5+8N1LkZO2pRGmtCdu6rYScGdW/h1qnLR
N9ZDzlp0QUDS/7SAo0gPUEyfuF4pV9xsSOtPN5n5vmdLJhrvxYvPERlpOrSMSihj
r3LEMT9b2SP/f2mjdRqHqPRpSzDwlsY0e4wSh5Zr3EyEgK2agZiLOiP+GuatDCDg
UIAyyvDqxMgS0vQBeIKAI6AY9mMOOTZgDZgtVgQpyUqiuJMeZBmdQbLiWbCQ2TJ+
TBR+ZGLHucFfvVeK82MgcV/GNc9wtu4KekX6AxECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcPhnDNv5SKvoMRl2swjdosQ9DzzAfBgNVHSMEGDAWgBSaHmk2ir00U4/n
fdqrzcg1r1leujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21oNXBOb3E5TkZPUDUzM2FxODNJTmE5Wlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8x
L1hENFp3emItVWlyNkRFWmRyTUkzYUxFUFE4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
Nzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8xL21oNXBOb3E5TkZP
UDUzM2FxODNJTmE5Wlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAXKuzANBgkqhkiG9w0BAQsFAAOC
AQEAZYZ3Md15lnlc6MVTSBRNJH6KTUqh2dDaErYJCII1K1fG/uLxRXj3Ei67moHf
CCIl3/SB0bUf9juHq/nCaFU3PO3YVHACbSSwWHW3r2XyRFiEu+Hzhj2jjbOTX/ub
cBnc9yQqifU499s05QbmHgUkLLr61z4kDfQK9tAwsTei1oMNHVlEHPt3lq5qqyUs
YXF7NgeZog4ppa7AHNMb5qwfMN4HR1uSL/0JDSXkgtWGB6W8jveeCVLYX5DaO7mp
mrQ1+jAD7yWonVxLkPxkNg4Pu/jmFASgt7bx7lM51c9KaB+qZpUgA3VZ2Ko+yghv
W3sTUEgchjB0Lx1d92EGj6pPJw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:54 2023 by rpki-client on console-fra.rpki-client.org